Cyber Update

Patch Tuesday, November 2018 Edition: Microsoft on Tuesday released 16 software updates to fix more than 60 security holes in various flavors of Windows and other Microsoft products. Adobe also has security patches available for Flash Player, Acrobat and Reader users. KrebsOnSecurity, November 14, 2018

Cyber Defense

Firefox Will Now Alert You When You Visit Hacked Sites: It can be hard to know if and when you might have been impacted by a data breach. That is, unless you’re a Firefox Quantum user. Today, Mozilla announced it’ll alert desktop users when they stumble upon a site that’s recently reported a breach. Gizmodo, November 15, 2018

Cyber Warning

The Misafes ‘Kids Watcher‘ Wristwatch Allows Hackers to Stalk, Spy On Children: Wristwatches with tracking capabilities have gained popularity over the years as an easy way for parents to keep tabs on their children. But a newly-discovered hole in a popular Misafes watch opens up these tracking capabilities to bad actors, which could ultimately threaten the physical safety of the children wearing the watches. TheatPost, November 15, 2018

Internet of Things

Maybe Your Refrigerator Should Not Be Trusted with an IP: The Internet of Things (IoT) market is exploding, with 7 billion IoT devices already in use globally, as well as 17 billion connected devices. We’re gaining the ability to remotely peek inside our refrigerators to check whether we need more milk, turn on the AC system before we get home, and access security systems. ITSP, November 12, 2018

That Domain You Forgot to Renew? Yeah, it’s Now Stealing Credit Cards: If you own a domain name that gets decent traffic and you fail to pay its annual renewal fee, chances are this mistake will be costly for you and for others. Lately, neglected domains have been getting scooped up by crooks who use them to set up fake e-commerce sites that steal credit card details from unwary shoppers. KrebsOnSecurity, November 13, 2018

10 cybersecurity trends for insurers to watch in 2019: Cyber attacks and data breaches continue to increase in both frequency and intensity, and organizations can expect more of the same in 2019. Here are 10 trends that are putting firms at greatest risk. Digital Insurance, November 12, 2018

IoT related security missteps cost enterprises millions: Enterprises have begun sustaining significant monetary losses stemming from the lack of good practices as they move forward with incorporating the IoT into their business models, according to a new study from DigiCert. HelpNetSecurity, November 15, 2018

Secure The Human

Cybersecurity: Eight Ways You Can Boost Employee Buy-In: Cybersecurity threats are an ongoing problem, and one that’s growing: It’s hard to go a month without some organization reporting a breach or other problems. There were, for instance, more reported instances of data breaches in the U.S. during the first half of 2018 than in all of 2013, according to a report on Statista. Forbes, November 15, 2018

Cybersecurity in Society

Cyber Privacy

Cities to Become New Frontier in Protecting Broadband Privacy?: Back in the dark days of late 2016 and early 2017, there was a brief flicker of light, one you’ve probably forgotten about. In October 2016, the Federal Communications Commission passed forward-thinking and balanced protections to give consumers real choice over how broadband providers use their information.* The rules were particularly important because broadband providers, as I’ve argued before, have nearly comprehensive views into the online activity of their customers. Providers would love to turn around and use that information to gain an advertising revenue stream on top of the exorbitant amount that you already pay them. The FCC’s rules, overwhelmingly supported by the public, protected broadband customers against unknown and unexpected uses of their private information by their broadband providers, unless the customers opted in. But shortly after the FCC acted, Congress unceremoniously overturned the agency, 215–205. (Among the 205 who voted to retain the protections were 15 Republicans.) Slate, November 14, 2018

Cyber Freedom

Delay, Deny and Deflect: How Facebook’s Leaders Fought Through Crisis: Inside Facebook’s Menlo Park, Calif., headquarters, top executives gathered in the glass-walled conference room of its founder, Mark Zuckerberg. It was September 2017, more than a year after Facebook engineers discovered suspicious Russia-linked activity on its site, an early warning of the Kremlin campaign to disrupt the 2016 American election. Congressional and federal investigators were closing in on evidence that would implicate the company. The New York Times, November 14, 2018

Is the Defense Department’s entire vision of cybersecurity wrong?: Despite long-held beliefs by cybersecurity leaders that military operations in the physical world and in cyberspace are strategically no different, one of the Department of Defense’s top cyber officials is challenging that conventional wisdom. Fifth Domain, November 14, 2018

Cyber Miscellany

That Hackers Hacking Scene May Not Be So Dumb After All: Is there a screen trope simultaneously more loved and reviled than real-time hacking? Not a chance. From the early 1980s, movies and TV shows have developed a seemingly endless appetite for scrolling gibberish, 3D interfaces, pop-up windows, and other kinds of eye candy that scream L33T H4X0R ATTEMPT UNDERWAY. But now, on the latest episode of Technique Critique, security researcher Samy Kamkar blazes a trail of destruction through the chicanery, diagnosing what each famous sequence gets right—or, as is much more likely, wrong. Wired, November 13, 2018

Categories

Get in touch

About Us

Citadel Information Group is a full service integrated information security management / governance firm. We work either consultatively or as part of a client’s senior management team, assisting our clients cost-effectively manage the confidentiality, privacy, integrity and availability of their information. Learn more.